Protection of personal data
Who we are
This policy applies for customers and visitors of https://www.growduino.cz website (CZ/EN version).
Growduino is owned by Roman Odstrčil, a private person running a businness, not incorporated in Companies Register. The business office is in Prosecká 677/127, Praha 9 – Prosek, PSČ 19000, Czech republic. IČ: 71806059. Mr. Odstčil, as a data administrator, shall process your personal data.
Data administrator contact:
Address: Prosecká 677/127, Praha 9 – Prosek, ZIP CODE 19000, Czech republic
Mobile phone: (+420) 777 291 922
Type of data processed
We are entitled to process your personal data and we may combine them for the purposes of performance of the agreement, as the case may be.
In the event that your personal data is disclosed to a third party, we shall inform you in advance including informing you of the identity of such third party. If anyone discloses your personal data to us, you will have to be informed as well.
When you visit our website, we may collect certain information such the IP address, date and time of the visit to our website, information about your Internet browser, operation system or language settings. We may also process information about your conduct on our website, such as links opened or goods displayed. The details of your conduct on the web are anonymised for the maximum protection of your privacy, the therefore we are not able to match them with a particular person.
If you access our website from your mobile phone or a similar device or through one of our mobile applications, we can process information about your mobile device, too (mobile phone details, records of application failure etc.).
If you contact us via web form, we shall also process your personal data stated in such communication.
We automatically process cookies. This is done through Google Analytics, which anonymises your personal data. It means that the cookies are not possible to match with a certain person.
Therefore we cannot monitor (even if we wanted to) the conduct of a certain user on our website. You are ensured maximum anonymity while making purchases on growduino.cz.
Why We Collect and Process Your Personal Data
Your personal data is processed for the following reasons:
1. Purchase of goods and services: the primary purpose of processing your data is due dispatch and delivery of your order. If a problem occurs, we know who to contact from the data you provided.
2. Customer care: if you address us with a question/issue, we have to process your personal data in order to answer/resolve it. The data may be transferred to third parties in certain cases (e.g. delivery company).
3. User account: thanks to the personal data entered in your user profile, you will be able to use a number of functions (e.g. if you enter your telephone number, we can easily inform you about the time of the order delivery).
4. Improvement of services: we are able to offer relevant goods thanks to the history of your orders and conduct on the website (e.g. accessories to the product purchased). Therefore we display such products that are intended just for you and correspond to your needs and interests. In order to optimise web features, we can also use tools testing different variants (A/B testing), such as Google Analytics, Facebook Analytics etc.
What Is the Period for Processing Your Personal Data?
We shall process your personal data for the entire duration of the contractual relationship between you and us.
In case your personal data processing is based on consent, your personal data shall be, in general, processed for 7 years or until such consent is withdrawn.
Please note that the personal data necessary for the due rendering of services or for the fulfillment of all our duties, ensuing either from the contract between us or from generally binding legal regulations have to be processed regardless of whether you granted your consent for the period set out in the relevant legal regulations and in compliance therewith (e.g. tax documents must be processed for at least 10 years).
The data obtained through the user account or in a similar way are processed for the period of using our services and then usually for 5 years after cancellation. Basic identification data and the information why the user account was canceled or information which is a part of operational advance deposits are usually stored for the relevant period.
Personal Data Security
Your personal data is safe with us. We have adopted adequate technical and organisational measures in order to prevent unauthorised access and misuse of your personal data.
We are concerned about the protection of your personal data. Therefore we regularly check and improve our security. All communication between your device and our web servers is encrypted. Logins are hashed and your data is only stored on servers in secure data centers with limited, carefully controlled and audited access.
The safety measures adopted are regularly updated.
What Are Your Rights Related to Personal Data Protection?
In relation to your personal data, you have in particular the right to withdraw your consent to the processing of your personal data at any time, the right to correct or supplement your personal data, the right to request restriction of processing, the right to raise an objection to or a complaint of the processing of your personal data, the right to access your personal data, the right to request the transfer of your personal data, the right to be informed of a breach of security of your personal data and, under certain conditions, the right to the deletion of certain personal data we process about you (“the right to be forgotten”).
In case you believe that your personal data has been processed incorrectly, you can contact us through the contact form.
You may also claim the deletion of your personal data (this shall not apply to data in documents that are subject to the obligation of archiving under the law (e.g. invoices or credit notes). In case we need your personal data to determine, execute or defend our legal claims, your request may be rejected (e.g. if we have an overdue invoice in your name or if the complaint procedure is in progress).
You are entitled to the deletion of data in the following cases:
- The personal data is not needed for the purposes for which it was being processed
- You have withdrawn your consent under which the data was processed and there is no further legal grounds for being processed
- You have objected to the processing of personal data and you believe that after assessing your objection, it will become clear that your interest in the particular situation prevails over ours
- The personal data has been processed unlawfully
- The deletion obligation is stipulated by a special legal regulation
- The personal data concerns a person under 16
You may assert you right through the contact form.
If you believe that your personal data has been processed unlawfully, you are entitled to lodge a complaint via growduino web online contact form.
We do not, and will not, sell any of your personal data to any third party – including your name, address, email address or credit card information. We want to earn and maintain your trust, and we believe this is absolutely essential in order do that.
This Personal Data Protection Policy including its parts is valid and effective from 25 May 2018.